Security watchers at the Internet Storm Centre (ISC) have noted a huge upsurge of traffic on TCP port 5168, associated with security bugs in ServerProtect (an enterprise software product designed to protect servers and storage attacks).

Flaws in the application create a means for miscreants to load malware onto vulnerable systems. Fortunately, Trend Micro has published software updates designed to plug the security hole.

ServerProtect for Windows version 5.58 Build 1176 is known to be vulnerable, but other versions may also be flawed. Trend advises users to update to Build 1185.

Sys admins are advised to patch up vulnerable systems or run the risk of dealing with compromised machines. "It looks likes machines are getting owned with this vulnerability," ISC warned on Wednesday.

More information on the vulns can be found in advisories from security tools vendor ISS, which discovered the majority of the vulnerabilities, here and here. ®